Leese, MJ (Mark) wrote:
I need to authenticate employees at my lab onto our wireless network using a Captive Portal and our corporate database (Active Directory). The Access-Request from the Captive Portal contains a cleartext password but our Active Directory does not store cleartext passwords. Can someone please tell me what options I have? Is it possible to use rlm_krb, for example?
That can be done, but I wouldn't suggest it. Just use LDAP "bind as user". It should work.
Someone suggested I could authenticate the user with an LDAP bind, but I don't see how this would work.
It works. FreeRADIUS supplies the clear-text password to AD, and it returns "Ok/fail".
I'm running FreeRADIUS 1.1.4 but I can update to a newer version any time.
For this, you shouldn't need to upgrade. But it's still likely not a bad idea. Alan DeKok.